Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

WEBINAR:On-Demand

Nation-state attacks through the Internet continue to escalate, with a massive surge in cyber-reconnaissance activity appearing to come from North Korea at the same time the country ratcheted up its nuclear rhetoric, according to security experts.

In February, attackers operating from North Korean Internet addresses probed U.S. servers more than 1,000 times, up from the previous average of fewer than 200 probes per month, according to managed security firm Solutionary. In addition, a massive reconnaissance operation—consisting of another 11,000 probes from servers in North Korea—was directed at a single financial institution, wrote Jon Heimerl, Solutionary's director of strategic security, in the brief analysis.

The attacks seem to coincide with North Korea's apparent nuclear test on Feb. 12, he said.

"There do appear to be several parallels between escalated verbal rhetoric and escalated cyber-attacks," Heimerl wrote. "It is evident that, whether government influenced or not, that the dual path of aggression is a new way of facing the world, at least from North Korea."

Further reading

The Internet has increasingly become the medium for deniable nation-state activity. From China's cyber-espionage to the United States' and Israel's alleged attack on Iran's nuclear program using the Stuxnet worm, cyber conflict has become a staple of nations' covert military intelligence and reconnaissance operations.

In February, for example, incident-response firm Mandiant released a report detailing the connections between an intelligence unit of China's People's Liberation Army and widespread attacks on U.S. companies and interests. In a blog posted on April 24, security firm Cyber Squared said that analysts using the firm's Threat Connect forum had found that those attacks had continued unabated and defied prediction, by hardly changing their tactics.

"Many within the global security industry, both public and private sectors, speculated that the group’s tactics, tools and procedures (TTPs) would change drastically in response to the disclosure," the firm stated in the post. "As of late April 2013, Chinese cyber-espionage threat groups have clearly continued their activity ... (and) in fact, there has been little change."

The United States is currently considering a variety of options in response to Chinese unabashed hacking, including trade sanctions and other diplomatic pressure, the prosecution of Chinese nationals in U.S. courts and striking back at the Chinese through cyber-space, according to officials cited in an Apr. 22 article in the Wall Street Journal.

The U.S. government has also signaled that cyber-operations have become a priority in the latest budget. The Obama administration plans to boost spending on cyber-security operations by $800 million to $4.7 billion, while cutting other Pentagon programs by nearly $4 billion.

The attacks emanating from North Korean IP space favor financial services, but show only slight preferences among other industries. Many other attacks focused on education, manufacturing and business services, according to Solutionary's data. The company expects that North Korea—and other nations with smaller military forces—to focus on Internet operations to achieve their national aims.

"Given the more hard-line government in North Korea, we expect escalations like this to continue, and to become even more evident in other conflicts around the globe," Solutionary's Heimerl wrote.

By submitting your information, you agree that eweek.com may send you eWEEK offers via email, phone and text message, as well as email offers about other products and services that eWEEK believes may be of interest to you. eWEEK will process your information in accordance with the Quinstreet Privacy Policy.

We ran into a problem

We already have your email address on file. Please use the "Forgot your password?" link to create a password, validate your email and login.